Majority of web sites use sign-up with social networks as alternate for traditional registration/login. Buttons “Login with: Facebook, Twitter, Google,... ” are present together with a login form very often now.

Using social networks for login simplifies a user experience and saves his time.

The author used social login on different web sites as well. Based on experience it was decided to build a PHP class/package that summarise the social login process on an abstract level and allows to implement the process with minimum coding.

Social login in common

For a user a social login looks like identical process in different social networks. Usually, it looks like: a user licks on a “login with ...” button. Is redirected to a social network website (http://facebook.com etc.) , clicks “Allow” on that site and, finally, is redirected back to an original website where his social login is processes and a session for a user is created.

However, on a back-end there is some difference.

Some social networks APIs don't need to connect to an api endpoint before to redirect a user a login page. Other has to connect to an API to init a login process, to get some special redirect url, to check some settings etc.

Next difference is that some APIs will require saving a specific data (request token etc) between 2 steps of an auth process – get a redirect url and complete login. For others no need to save something.

All such differences must be taken into account during a social login process.

Introduction gelembjuk/auth PHP package to unify the social login process.

The package is available in Composer. It allows to login with Facebook, Twitter, Google, LinkedIn with unified process and minimum coding. Additionally, the package can be easy extended with new social networks and same process will be used.

Installation

It is just normal installation with Composer

composer require gelembjuk/auth

Configuration

To use the package you need to get API settings for each social network you want to use. A config array can look like this:

The readme file on Github ( https://github.com/Gelembjuk/auth ) describes where to get API keys for each integration. You need to create new application for each API and copy your keys.

Basic usage

Create an object

$socialnetwork = $_REQUEST['network'];
// here you could check if $socialnetwork has correct allowed value.
// If no check and it is wrong then you will get an exception
// create social network login object.
// The second argument is array of API settings for a social network
$network = Gelembjuk\Auth\AuthFactory::getSocialLoginObject($socialnetwork,$integrations[$socialnetwork]);

Start the login processes

Prepare a redirect url. In some APIs this url must be also registered in an application settings. It must be url to your social login complete script.

Get social login auth page url. You will need to redirect a user to this page.

$url = $network->getLoginStartUrl($redirecturl);

Before redirect remember social login object state somewhere (usually in a $_SESSION) to restore it later.

$_SESSION['socialloginsate_'.$socialnetwork] = $network->serialize();

And remember what network was used. You can skip this line if current network is part of your $redirecturl or if you use only one network. In other words, on social login complete you need to know what network was used to create that object again

$_SESSION['socialloginnetwork'] = $socialnetwork;

And redirect a user to a social netork login page

header("Location: $url",true,301);
exit;

Complete a social login process

On a social network side a user will have to login to his account and then accept your request to grant permissions on basic access to his profile. If user cancels or disallow this then, anyway, he will be forwarded to your “login complete” page, same as in case of success.

On a login page we need to create same object as on start (it can be same script actually, depends on your implementation).

This is required because classes from the package don't have access to $_GET,$_REQUEST etc arrays directly (because of attempt to create a nice arhitecture).

Restore a state of the object to be same as before redirect

$network->unSerialize($_SESSION['socialloginsate_'.$socialnetwork]);

Complete login and get a user profile from a social network

$profile = $network->completeLogin($arguments);

The profile is an array with keys `userid`,`name`,`email`,`imageurl`.

This is done! Now you can remember the profile in a session to know that a user is already loged in your web site.

$_SESSION['user'] = $profile;

On practice, you rather will find DB record for such user by $profile['userid'] + $socialnetwork in your users table and remember user's internal ID in a session. If no user in the DB then he did his login for first time and you have to add him to the table.